<?php
session_start();

$error = false;

if((!isset($_SESSION["user"]))||(!isset($_SESSION["type"]))||($_SESSION["user"] == ""))
	$error = true;

if($error)
{
	session_unset();
	session_destroy();

	header("Location: login.php");
	exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>Upload File</title>
<script type="text/javascript" language="javascript">
	function inserisci(nome_file, testo)
	{
		opener.ins_file(nome_file, testo);
		window.close();
	}
	
	function ctrl()
	{
		var frm = document.getElementById("upload");
		
		if((frm.userfile.value == "")||(frm.links.value == ""))
		{
			alert("Attenzione, compilare tutti i campi del modulo.");
			return false;
		}
		else
			return true;
	}
</script>
	
</head>
<body>
<?php
// $HTTP_POST_FILES per versioni PHP < 4.1.0
$max_size = 1572864; // 1.5 Mb
$file_type = array("image/bmp", "image/x-windows-bmp", "text/plain", "application/msword", "image/gif",
				   "application/x-compressed", "application/x-gzip", "multipart/x-gzip", "image/jpeg",
				   "application/pdf", "application/mspowerpoint", "application/postscript", "image/png",
				   "application/x-rar-compressed", "application/excel");

if(is_uploaded_file($_FILES["userfile"]["tmp_name"]))
{
    if($_FILES["userfile"]["size"] > $max_size)
	{
		echo "<p style=\"text-align: center; font-family: Arial, Helvetica; font-size: 11px; margin: 0px;\">
				<b><br><br><br>Attenzione, il file non deve superare " . ($max_size / 1024) . "Kb!</b><br><br>
				<input type=\"button\" value=\"OK\" onclick=\"javascript: window.close();\">
			  </p>";
		exit;
    }
	
	$file = "upload/" . date("dmYHis") . "-" . str_replace(array(" ", "-", "_"), "", $_FILES["userfile"]["name"]);
	
    if(file_exists($file))
	{
		echo "<p style=\"text-align: center; font-family: Arial, Helvetica; font-size: 11px; margin: 0px;\">
				<b><br><br><br>Errore. Esiste un file nel server con lo stesso nome.</b><br><br>
				<input type=\"button\" value=\"OK\" onclick=\"javascript: window.close();\">
			  </p>";
		exit;
    }
	
	$ret = true;
	
	foreach($file_type as $value)
	{
		if($_FILES["userfile"]["type"] == $value)
			$ret = false;
	}
	
	if($ret)
	{
		echo "<p style=\"text-align: center; font-family: Arial, Helvetica; font-size: 11px; margin: 0px;\">
				<b>
					<br><br><br>Errore. Il formato del documento non &egrave; compatibile.<br>
					Formati supportati: BMP, TXT, DOC, GIF, ZIP, JPG, PDF, PPT, PS, PNG, RAR, XLS 
				</b><br><br>
				<input type=\"button\" value=\"OK\" onclick=\"javascript: window.close();\">
			  </p>";
		exit;
    }
	
	@chmod("upload/", 0777);
	
    if (!move_uploaded_file($_FILES["userfile"]["tmp_name"], $file))
	{
		echo "<p style=\"text-align: center; font-family: Arial, Helvetica; font-size: 11px; margin: 0px;\">
				<b><br><br><br>Errore durante il caricamento del file.</b><br><br>
				<input type=\"button\" value=\"OK\" onclick=\"javascript: window.close();\">
			  </p>";
		exit;
    }
	else
	{
		$links = @$_POST["links"];
		
		if($links == "")
			$links = "void";
		
		echo "<p style=\"text-align: center; font-family: Arial, Helvetica; font-size: 11px; margin: 0px;\">
				<b><br><br><br>L'upload del file &egrave; avvenuto con successo.</b><br><br>
				<input type=\"button\" value=\"OK\" onclick=\"javascript: inserisci('$file', '$links');\">
			  </p>";
		exit;
    }
}
else
{
?>
<form id="upload" enctype="multipart/form-data" method="post" action="upfile.php">
    <p style="font-family: Arial, Helvetica; font-size: 11px; margin: 0px;"><b>File da inserire:</b></p>
	<input id="userfile" type="file" name="userfile" size="30"><br><br>
	<p style="font-family: Arial, Helvetica; font-size: 11px; margin: 0px;"><b>Testo del collegamento:</b></p>
	<input id="links" type="text" name="links" size="30" value="Allegato"><br><br>
    <input type="submit" value="Carica File" onclick="return ctrl();">
	<input type="button" value="Annulla" onclick="javascript: window.close();">
</form>
<?php
}
?>
</body>
</html>
